U.S. House Energy and Commerce Committee questions Apple on privacy policies

U.S. lawmakers are asking Apple to clarify its privacy policies, specifically how it handles users’ personal information, speech, and location data, The Wall Street Journal reports. A letter to Apple CEO Tim Cook from the House Energy and Commerce Committee cites several recent media reports as raising concerns about how personal data is collected and used, particularly when users take “active steps to prevent being tracked by their device.” Specifically, the letter sent to Cook notes a November 2017 report that revealed that Android phones “collect information on nearby cellular towers even if location services, WiFi, and Bluetooth capabilities are disabled” and there are no third-party apps installed or even a SIM card inserted into the phone, and requests “Apple’s assistance in understanding whether these reports could apply to Apple products” such as the iPhone, and particularly whether data is being used in “ways that consumers do not expect.” The Committee also sent a similar letter to Alphabet CEO Larry Page.

The letter also questions Apple’s use of the microphone, specifically around triggering the Siri voice assistant via “Hey Siri” and suggests that Apple’s recent comments about protecting users’ privacy may in fact be contrary to the company allowing apps such as Facebook and Google to be available on the App Store, noting that “users have consistently had access to apps […] that [Apple has] highlighted as contradictory to Apple’s values,” and that Apple’s recent changes to App Store rules have raised additional questions about how Apple device users’ data is protected.

The letter specifically asks Apple to respond to several pointed questions by July 23, 2018, including whether an iPhone collects and locally stores information on cellular towers, Wi-Fi hotspots, or Bluetooth beacons when no SIM card is inserted, or when Wi-Fi, Bluetooth, or Location Services are disabled, and if so, whether this information is sent to Apple once network connectivity is restored. The letter also asks Apple to clarify whether location services will be re-enabled for all apps if a user chooses to re-enable it only for a single app, and whether the iPhone has the ability to listen to users without a “clear, unambiguous audio trigger” and if so, what Apple does with this data, and whether iPhone devices “collect audio recordings of users without consent.” The remaining questions focus on Apple’s policies for data collection, sharing of data with third-party app developers, limiting availability of data to third-party apps, and the company’s upcoming RapidSOS partnership for emergency 911 location services, and what data will be shared and retained in this arrangement.